diff options
Diffstat (limited to 'athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/CertificateExpiryMetricUpdater.java')
| -rw-r--r-- | athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/CertificateExpiryMetricUpdater.java | 30 |
1 files changed, 7 insertions, 23 deletions
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/CertificateExpiryMetricUpdater.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/CertificateExpiryMetricUpdater.java index 2d80b15c7ec..cd69099ea80 100644 --- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/CertificateExpiryMetricUpdater.java +++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/CertificateExpiryMetricUpdater.java @@ -1,12 +1,10 @@ // Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.hosted.athenz.instanceproviderservice; +import com.google.inject.Inject; import com.yahoo.component.AbstractComponent; import com.yahoo.jdisc.Metric; -import com.google.inject.Inject; - -import java.security.KeyStoreException; import java.time.Duration; import java.time.Instant; import java.util.concurrent.Executors; @@ -21,23 +19,18 @@ import java.util.logging.Logger; public class CertificateExpiryMetricUpdater extends AbstractComponent { private static final Duration METRIC_REFRESH_PERIOD = Duration.ofMinutes(5); - private static final String NODE_CA_CERT_METRIC_NAME = "node-ca-cert.expiry.seconds"; private static final String ATHENZ_CONFIGSERVER_CERT_METRIC_NAME = "athenz-configserver-cert.expiry.seconds"; private final Logger logger = Logger.getLogger(CertificateExpiryMetricUpdater.class.getName()); private final ScheduledExecutorService scheduler = Executors.newSingleThreadScheduledExecutor(); private final Metric metric; - private final AthenzSslKeyStoreConfigurator keyStoreConfigurator; - private final AthenzSslTrustStoreConfigurator trustStoreConfigurator; + private final ConfigserverSslContextFactoryProvider provider; @Inject public CertificateExpiryMetricUpdater(Metric metric, - AthenzSslKeyStoreConfigurator keyStoreConfigurator, - AthenzSslTrustStoreConfigurator trustStoreConfigurator) { + ConfigserverSslContextFactoryProvider provider) { this.metric = metric; - this.keyStoreConfigurator = keyStoreConfigurator; - this.trustStoreConfigurator = trustStoreConfigurator; - + this.provider = provider; scheduler.scheduleAtFixedRate(this::updateMetrics, 30/*initial delay*/, @@ -56,20 +49,11 @@ public class CertificateExpiryMetricUpdater extends AbstractComponent { } private void updateMetrics() { - Instant now = Instant.now(); - try { - Duration keyStoreExpiry = Duration.between(now, keyStoreConfigurator.getCertificateExpiry()); + Duration keyStoreExpiry = Duration.between(Instant.now(), provider.getCertificateNotAfter()); metric.set(ATHENZ_CONFIGSERVER_CERT_METRIC_NAME, keyStoreExpiry.getSeconds(), null); - } catch (KeyStoreException e) { - logger.log(Level.WARNING, "Failed to update key store expiry metric", e); - } - - try { - Duration trustStoreExpiry = Duration.between(now, trustStoreConfigurator.getTrustStoreExpiry()); - metric.set(NODE_CA_CERT_METRIC_NAME, trustStoreExpiry.getSeconds(), null); - } catch (KeyStoreException e) { - logger.log(Level.WARNING, "Failed to update trust store expiry metric", e); + } catch (Exception e) { + logger.log(Level.WARNING, "Failed to update key store expiry metric: " + e.getMessage(), e); } } } |